mirror of
https://github.com/iv-org/invidious.git
synced 2024-11-22 13:37:24 +00:00
Validate id, avoid db call if not needed
This commit is contained in:
parent
8c0efb3ea9
commit
38f6d08be6
@ -82,7 +82,7 @@ module Invidious::Routes::API::V1::Authenticated
|
||||
end
|
||||
|
||||
id = env.params.url["id"]?.try &.as(String)
|
||||
if !id
|
||||
if !id.match(/[a-zA-Z0-9_-]{11}/)
|
||||
return error_json(400, "Invalid video id.")
|
||||
end
|
||||
|
||||
@ -93,6 +93,10 @@ module Invidious::Routes::API::V1::Authenticated
|
||||
def self.mark_unwatched(env)
|
||||
user = env.get("user").as(User)
|
||||
|
||||
if !user.preferences.watch_history
|
||||
return error_json(409, "Watch history is disabled in preferences.")
|
||||
end
|
||||
|
||||
id = env.params.url["id"]?.try &.as(String)
|
||||
if !id.match(/[a-zA-Z0-9_-]{11}/)
|
||||
return error_json(400, "Invalid video id.")
|
||||
|
Loading…
Reference in New Issue
Block a user